Rewording 'an origin's process'.

mikewest · mikewest · commit 1ebb4b0e577b · 2021-02-25T08:30:40.000+01:00
diff --git a/index.bs b/index.bs
@@ -190,7 +190,8 @@ Spectre-like side-channel attacks inexorably lead to a model in which active web
 has entered the address space of the process which hosts it. While this has deep implications for
 user agent implementations' internal hardening strategies (stack canaries, ASLR, etc), here we'll
 remain focused on the core implication at the web platform level, which is both simple and profound:
-any data which flows into an origin's process is legible to that origin. We must design accordingly.
+any data which flows into a process hosting a given origin is legible to that origin. We must design
+accordingly.
 
 In order to determine the scope of data that can be assumed accessible to an attacker, we must make
 a few assumptions about the normally-not-web-exposed process model which the user agent implements.
@@ -202,8 +203,8 @@ The following seems like a good place to start:
     invisible to any process potentially hosting untrusted code.
 
 2.  User agents are able to make decisions about whether or not a given resource should be delivered
-    to an origin's process based on characteristics of both the request and the response (headers,
-    etc).
+    to a process hosting a given origin based on characteristics of both the request and the
+    response (headers, etc).
 
 3.  User agents can consistently separate top-level, cross-origin windows into distinct processes.
     They cannot consistently separate same-site or same-origin windows into distinct processes given
diff --git a/index.html b/index.html
@@ -1486,7 +1486,7 @@
 </style>
   <meta content="Bikeshed version c5172e83, updated Fri Nov 20 15:35:20 2020 -0800" name="generator">
   <link href="https://mikewest.github.io/post-spectre-webdev/" rel="canonical">
-  <meta content="f1728a156b2f6e79f81ad195d69497cb48927e2a" name="document-revision">
+  <meta content="00ccca50d4a466befbe24ffec0f800a75176244a" name="document-revision">
 <style>/* style-autolinks */
 
 .css.css, .property.property, .descriptor.descriptor {
@@ -2043,7 +2043,7 @@
   <div class="head">
    <p data-fill-with="logo"></p>
    <h1 class="p-name no-ref" id="title">Post-Spectre Web Development</h1>
-   <h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="content">A Collection of Interesting Ideas, <time class="dt-updated" datetime="2021-02-24">24 February 2021</time></span></h2>
+   <h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="content">A Collection of Interesting Ideas, <time class="dt-updated" datetime="2021-02-25">25 February 2021</time></span></h2>
    <div data-fill-with="spec-metadata">
     <dl>
      <dt>This version:
@@ -2058,7 +2058,7 @@ <h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="cont
    <div data-fill-with="warning"></div>
    <p class="copyright" data-fill-with="copyright"><a href="http://creativecommons.org/publicdomain/zero/1.0/" rel="license"><img alt="CC0" src="https://licensebuttons.net/p/zero/1.0/80x15.png"></a> To the extent possible under law, the editors have waived all copyright
 and related or neighboring rights to this work.
-In addition, as of 24 February 2021,
+In addition, as of 25 February 2021,
 the editors have made this specification available under the <a href="http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0" rel="license">Open Web Foundation Agreement Version 1.0</a>,
 which is available at http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0.
 Parts of this work may be from another specification document.  If so, those parts are instead covered by the license of that specification document. </p>
@@ -2141,7 +2141,8 @@ <h3 class="heading settled" data-level="1.1" id="threat-model"><span class="secn
 has entered the address space of the process which hosts it. While this has deep implications for
 user agent implementations' internal hardening strategies (stack canaries, ASLR, etc), here we’ll
 remain focused on the core implication at the web platform level, which is both simple and profound:
-any data which flows into an origin’s process is legible to that origin. We must design accordingly.</p>
+any data which flows into a process hosting a given origin is legible to that origin. We must design
+accordingly.</p>
    <p>In order to determine the scope of data that can be assumed accessible to an attacker, we must make
 a few assumptions about the normally-not-web-exposed process model which the user agent implements.
 The following seems like a good place to start:</p>
@@ -2153,8 +2154,8 @@ <h3 class="heading settled" data-level="1.1" id="threat-model"><span class="secn
 invisible to any process potentially hosting untrusted code.</p>
     <li data-md>
      <p>User agents are able to make decisions about whether or not a given resource should be delivered
-to an origin’s process based on characteristics of both the request and the response (headers,
-etc).</p>
+to a process hosting a given origin based on characteristics of both the request and the
+response (headers, etc).</p>
     <li data-md>
      <p>User agents can consistently separate top-level, cross-origin windows into distinct processes.
 They cannot consistently separate same-site or same-origin windows into distinct processes given
